What do you mean I cannot run a server or database at Netlify?!?!

The JAMstack is not about specific technologies. It’s a new way of building websites and apps that delivers better performance, higher security, lower cost of scaling, and a better developer experience.

A core principle of the JAMStack is that it doesn’t depend on a “web server”. Now, clearly there is still a web server replying to HTTP requests, but the CDN/ADN at Netlify only serves static files. What isn’t happening is that a web application, in realtime as the HTTP request is received, dynamically generates a unique version of a web page on the fly using a programming language of some kind. With a JAMStack site, there is no application server or language runtime (meaning no node.js, Ruby, PHP, Python, etc).

If I cannot run a web server, why are you installing node modules (or a specific Ruby version) when I deploy my site?

You can use these languages (Node, Ruby, Python, PHP and many others) to build the site, but you can not use the language on the web server after the site is deployed.

Static site generators, gulp, grunt, webpack, etc - these can all be used to build a site at Netlify. After the build and deploy, though, the site is just static files (HTML, JavaScript, CSS, images, fonts, etc) served by Netlify’s CDN/ADN.

Okay, but I need to run node/ruby/php (or use a database) for my site to work. Now what?

This is where the A in JAMStack comes in (A = API). Any runtime/dynamic information the page needs is collected using API calls which originate from the end user’s web browser - not the web server.

JAMStack sites can be dynamic and present unique content to individual users. It is just that with the JAMStack, the users browser (not the web server) does this using API calls and javascript.

Netlify Functions is one way to make your own API endpoints and keep them in sync with your site at Netlify. You can also run backend services (such as API’s, databases, etc) on other providers. (meaning using Lambda or Heroku for an API endpoint instead of Functions will work too). Using third-party APIs (like Stripe) is a common practice as well.

If your backend service is hosted with another provider, you can also proxy these API requests. Proxying API calls can be useful if there are Cross-Origin Resource Sharing (CORS) issues (or if you simply want to obfuscate where the API endpoint is).

How do I keep from exposing private API keys if the API call happens from the end user’s browser?

If you are looking to upload new versions of your site directly from your local system, the netlify CLI manual deploy method is the recommended way to do this and the “drag & drop” method in the web UI will also work well.

Summary

Netlify is designed for a specific type of website: JAMStack sites. Part of the JAMStack design philosophy is that an application runtime isn’t used by the HTTP server. Quoting the JAMStack.org site again:

The thing that they all have in common is that they don’t depend on a web server.

We hope helps to clarify both that application servers and databases cannot be used (outside of APIs) with Netlify sites and why this is the case. If there are other questions about this, please reply here and we’ll do our best to answer.